Riasztások
2025. március 20.
NA - CVE-2024-10721 - A stored cross-site scripting (XSS)...
A stored cross-site scripting (XSS) vulnerability was discovered in phpipam/phpipam version 1.5.2. This vulnerability allows an attacker to inject malicious scripts into the application, which can...
2025. március 20.
NA - CVE-2024-10722 - A stored cross-site scripting (XSS)...
A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2. The vulnerability allows attackers to inject malicious scripts into the 'Description' field of...
2025. március 20.
NA - CVE-2024-10723 - A stored cross-site scripting (XSS)...
A stored cross-site scripting (XSS) vulnerability was discovered in phpipam/phpipam version 1.5.2. This vulnerability allows an attacker to inject malicious scripts into the destination address...
2025. március 20.
NA - CVE-2024-10724 - A stored cross-site scripting (XSS)...
A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2, specifically in the Subnet NAT translations section when editing the Destination address. This...
2025. március 20.
NA - CVE-2024-10725 - A stored cross-site scripting (XSS)...
A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2. This vulnerability allows an attacker to inject malicious scripts into the application, which are then...
2025. március 20.
NA - CVE-2024-10727 - A reflected cross-site scripting (XSS)...
A reflected cross-site scripting (XSS) vulnerability exists in phpipam/phpipam versions 1.5.0 through 1.6.0. The vulnerability arises when the application receives data in an HTTP request and...
2025. március 20.
NA - CVE-2024-10762 - In lunary-ai/lunary before version 1.5.9, the...
In lunary-ai/lunary before version 1.5.9, the /v1/evaluators/ endpoint allows users to delete evaluators of a project by sending a DELETE request. However, the route lacks proper access control,...
2025. március 20.
NA - CVE-2024-10812 - An open redirect vulnerability exists in...
An open redirect vulnerability exists in binary-husky/gpt_academic version 3.83. The vulnerability occurs when a user is redirected to a URL specified by user-controlled input in the...
2025. március 20.
NA - CVE-2024-10819 - A Cross-Site Request Forgery (CSRF)...
A Cross-Site Request Forgery (CSRF) vulnerability in version 3.83 of binary-husky/gpt_academic allows an attacker to trick a user into uploading files without their consent, exploiting their...
2025. március 20.
NA - CVE-2024-10821 - A Denial of Service (DoS) vulnerability in the...
A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of the Invoke-AI server (version v5.0.1) allows unauthenticated attackers to cause excessive resource...